Although the Trust collects very limited personal data, it is prudent to set out how the Trust complies with the new General Data Protection Regulations (GDPR) coming into force in May 2018.
The Plater Trust is a small charitable trust which does not employ staff and is managed by a contracted trust manager under the direction of trustees. It awards grants to relevant organisations in England and Wales and therefore does not have individual beneficiaries. (See www.plater.org.uk )
The Trust holds basic contact details of people with whom it needs to communicate. This includes:
The data is held purely for communications purposes and not shared with other organisations or individuals.
All the data derives from details supplied to the Trust by the people concerned (i.e. trustees, applicants etc.).
All data is held electronically. The contact data is held in the Trust’s Outlook Contacts which is a password protected component of the Catholic Education Department’s cloud-based Office 365 account. Additional contact details are held in files containing details of applications for grants. These are also held in a secured Office 365 account.
The roles of Data Controller and Data Processor are held by the Trust Manager, who maintains the Contacts database and the Trust’s operational filing system.
The Trust Manager has day to day access to the data. In his/her absence, access can be obtained by designated officers of the Catholic Education Service.
All the personal data is held for the necessary operation of the Trust’s activities.
In the case of Contacts data, as long as the need to communicate with the individual remains. Filed documents relating to applications etc. are retained for an indefinite period for reference.
The Trust’s website (www.plater.org.uk) uses Google Analytics to track visits to the site. This is anonymised data used only to assess the number of visits to the various pages on the website.
By contacting the Trust Manager at firstname.lastname@example.org